Multi-factor automated teller machine (atm) personal identification number (pin)

ABSTRACT

An automated teller machine (ATM) may include an input component and one or more processors. The input component may be configured to detect multi-factor input associated with an account. The multi-factor input may include at least two of: a sequence of characters input via the input component, a force with which at least one character, of the sequence of characters, is input via the input component, a length of time over which at least one character, of the sequence of characters, is input via the input component, or a combination of at least two characters, of the sequence of characters, that are input concurrently via the input component. The ATM may receive the multi-factor input, validate the multi-factor input in association with the account, and selectively permit or deny access to one or more actions associated with the account based on validating the multi-factor input.

RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No.15/904,034, filed Feb. 23, 2018 (now U.S. Pat. No. 10,096,026), which isincorporated herein by reference.

BACKGROUND

An automated teller machine (ATM) may refer to an electronictelecommunications device that enables customers of financialinstitutions to perform financial transactions, such as cashwithdrawals, deposits, transfer of funds, or obtaining accountinformation, at any time and without the need for direct interactionwith bank staff. ATMs are known by a variety of names, including anautomatic teller machine, an automated banking machine (ABM), a cashpoint, a Cashline®, a Minibank®, a cash machine, a Tyme® machine, a cashdispenser, a Bankomat®, or a Bancomat®.

SUMMARY

In some implementations, an automated teller machine (ATM) may includean input component and one or more processors. The input component maybe configured to detect multi-factor input associated with an account.The multi-factor input may include at least two of: a sequence ofcharacters input via the input component, a force with which at leastone character, of the sequence of characters, is input via the inputcomponent, a length of time over which at least one character, of thesequence of characters, is input via the input component, or acombination of at least two characters, of the sequence of characters,that are input concurrently via the input component. The one or moreprocessors may be configured to receive the multi-factor input, validatethe multi-factor input in association with the account, and selectivelypermit or deny access to one or more actions associated with the accountbased on validating the multi-factor input.

In some implementations, a method may include receiving, by an automatedteller machine (ATM), multi-factor input associated with validatingaccess to an account. The multi-factor input may include at least twoof: a sequence of characters, a level of force with which at least onecharacter, of the sequence of characters, is input, a length of timeover which at least one character, of the sequence of characters, isinput, or a combination of at least two characters, of the sequence ofcharacters, that are input concurrently. The method may includedetermining, by the ATM, whether the multi-factor input is valid for theaccount. The method may include selectively permitting or denying, bythe ATM, performance of one or more actions associated with the accountbased on determining whether the multi-factor input is valid for theaccount.

In some implementations, a device may include one or more memories andone or more processors communicatively coupled to the one or morememories. The one or more processors may be configured to: receive inputassociated with access validation. The input may include at least twoof: a sequence of characters, a level of force with which at least onecharacter, of the sequence of characters, is input, a length of timeover which at least one character, of the sequence of characters, isinput, or a combination of at least two characters, of the sequence ofcharacters, that are input concurrently. The one or more processors maybe configured to determine whether the input is valid, and selectivelypermit or deny access based on determining whether the input is valid.

Implementations generally include a method, apparatus, system, computerprogram product, non-transitory computer-readable medium, ATM,validation device, and user device as substantially described hereinwith reference to and as illustrated by the accompanying drawings andspecification.

BRIEF DESCRIPTION OF THE DRAWINGS

FIGS. 1A and 1B are diagrams of an example implementation describedherein;

FIG. 2 is a diagram of an example environment in which systems and/ormethods, described herein, may be implemented;

FIG. 3 is a diagram of example components of one or more devices of FIG.2; and

FIGS. 4-6 are flow charts of example processes relating to using amulti-factor ATM personal identification number (PIN).

DETAILED DESCRIPTION

The following detailed description of example implementations refers tothe accompanying drawings. The same reference numbers in differentdrawings may identify the same or similar elements.

A personal identification number (PIN) or other input, used to access anaccount or other secure information, may be stolen and used formalicious purposes (e.g., to steal money, commit fraud, and/or thelike). In some cases, a malicious person may steal a PIN by watching anATM user input the PIN, by installing a camera that records an ATM userinputting the PIN, by analyzing a PIN pad to determine input numbers,and/or the like. Because PINs typically consist of a sequence of numbers(e.g., 4 numbers and/or the like), a malicious person needs to know onlythe numbers and the sequence in order to obtain fraudulent access to anaccount. Some techniques and apparatuses described herein add otherfactors to a PIN, such as a force with which a number is pressed, alength of time that a number is pressed, a combination of numberspressed at the same time, and/or the like. In this way, techniques andapparatuses described herein increase the security of accounts and/orother secure information and reduce fraud.

FIGS. 1A and 1B are diagrams of an example implementation 100 describedherein. As shown in FIG. 1A, a user may interact with an ATM or a userdevice (e.g., a smart phone, a tablet, and/or the like) to configure amulti-factor input, such as a multi-factor PIN. For example, as shown byreference number 105, a device (e.g., an ATM, a user device, and/or thelike) may receive user input that indicates a set of parameters formulti-factor input associated with validating access to an account. Theset of parameters may include, for example, a sequence of characters tobe used as the multi-factor input, a force with which at least onecharacter is to be input for the multi-factor input, a length of timeover which at least one character is to be input for the multi-factorinput, a combination of at least two characters that are to be inputconcurrently for the multi-factor input, and/or the like. In someimplementations, the set of parameters may include multiple of theseand/or other parameters.

In some implementations, as shown by reference number 110, the devicemay be an ATM, and the user may input the set of parameters byinteracting with an input component of the ATM (e.g., one or moremechanical buttons, one or more electronic buttons, one or more sensors,a keypad, a number pad, a touch screen, and/or the like). In this case,the user may receive a temporary PIN (e.g., in the mail, electronically,and/or the like) that corresponds to a transaction card (e.g., a debitcard and/or the like). The user may interact with the ATM using thetransaction card (e.g., by inserting the transaction card and/or thelike), may input the temporary PIN, and may be prompted to create a newmulti-factor PIN. The user may interact with the input component of theATM to create the multi-factor PIN, such as by inputting a sequence ofcharacters (e.g., numbers, letters, symbols, or other characters),inputting one or more characters using a particular amount of force,inputting one or more characters for a particular length of time,inputting two or more characters concurrently, and/or the like. In someimplementations, the user may provide input to indicate that the userhas finished inputting the multi-factor PIN. In some implementations,the user may be prompted to repeat the input a particular quantity oftimes (e.g., repeat once, repeat twice, and/or the like) to confirm themulti-factor PIN.

In some implementations, as shown by reference number 115, the devicemay be a user device (e.g., not an ATM), and the user may input the setof parameters by interacting with an input component of the user device(e.g., one or more mechanical buttons, one or more electronic buttons,one or more sensors, a keypad, a number pad, a touch screen, and/or thelike). In some implementations, the user may interact with the inputcomponent of the user device to create the multi-factor PIN, in asimilar manner as described above in connection with the ATM. Forexample, the user may interact with the user device to mimic ATM input.

In some implementations, as shown by reference number 120, the user mayinput the set of parameters by identifying values for the set ofparameters. For example, the user may indicate a first sequentialcharacter (e.g., a number) in a sequence of characters of themulti-factor input, may input a value that indicates a force for thefirst sequential character (e.g., soft, medium, hard, and/or the like),may input a length of time that the first sequential character is to beinput (e.g., short, medium, long, 1 second, 2 seconds, 3 seconds, and/orthe like), may indicate whether the first sequential character shouldinclude a single character or multiple characters input concurrently,and/or the like.

As shown by reference number 125, the device (e.g., the ATM, the userdevice, and/or the like) may transmit the set of parameters to avalidation device (e.g., a server and/or the like). The validationdevice may be associated with validating access to an account, and maybe stored (e.g., securely, in an encrypted manner, and/or the like) topermit the validation device to validate a subsequent attempt to accessthe account via an ATM, as described below in connection with FIG. 1B.While some implementations are described herein in connection withvalidating access to a financial account, the multi-factor input may beused for other types of access validation, such as access to anon-financial account, access to secure information, access to a securearea, and/or the like. In some implementations, the multi-factor inputmay be input to a device other than an ATM, such as a computing device,an access device that permits or denies access to secure information ora secure area, and/or the like.

As shown in FIG. 1B and by reference number 130, at a later time, an ATMmay receive multi-factor input associated with validating access to anaccount. As shown, in some implementations, the ATM may include anoutput component (e.g., a display and/or the like) that outputs anindication that the ATM accepts multi-factor input. As described above,the multi-factor input may include a sequence of characters, such as asequence of numbers, letters, symbols, and/or the like. For example, auser may interact with an input component of the ATM to input a sequenceof characters for validating access to an account (e.g., after inputtinga transaction card associated with the account). Additionally, oralternatively, the multi-factor input may include a level of force withwhich at least one character, of the sequence of characters, is input.For example, the user may interact with an input component of the ATM toinput (e.g., touch, press, select, and/or the like) a character with aparticular level of force (e.g., within a range of force levels). Insome implementations, different characters may be input with differentlevels of force. In some implementations, different characters may beinput with the same level of force. In some implementations, eachcharacter, included in the sequence of characters, may be associatedwith a corresponding level of force with which that character is input.In some implementations, the level of force for one character, includedin the sequence of characters, is independent of the level of force foranother character included in the sequence of characters. In this way,security may be increased by increasing the possible combinations offactors that can be input to obtain access to an account.

Additionally, or alternatively, the multi-factor input may include alength of time over which at least one character, of the sequence ofcharacters, is input. For example, the user may interact with an inputcomponent of the ATM to input a character for a particular amount oftime (e.g., within a range of times). In some implementations, differentcharacters may be input for different amounts of time. In someimplementations, different characters may be input for the same amountof time. In some implementations, each character, included in thesequence of characters, may be associated with a corresponding length oftime with which that character is input. In some implementations, thelength of time for one character, included in the sequence ofcharacters, is independent of the length of time for another characterincluded in the sequence of characters. In this way, security may beincreased by increasing the possible combinations of factors that can beinput to obtain access to an account.

Additionally, or alternatively, the multi-factor input may include acombination of at least two characters, of the sequence of characters,that are input concurrently. For example, the user may interact with aninput component of the ATM to press two or more characters at the sametime, to release two or more characters at the same time, to press andrelease two or more characters at the same time, to press two or morecharacters during an overlapping time period, and/or the like. In thisway, security may be increased by increasing the possible combinationsof factors that can be input to obtain access to an account.

In some implementations, the multi-factor input includes multiplefactors described above and/or other factors. For example, themulti-factor input may include inputting a sequence of characters,inputting one or more characters using a particular amount of force,inputting one or more characters for a particular length of time,inputting two or more characters concurrently, and/or the like.

In some implementations, the ATM may determine whether the multi-factorinput is valid for the account, such as by transmitting and/or receivinginformation from a validation device associated with validating accessto the account. For example, as shown by reference number 135, the ATMmay transmit, to the validation device, information that identifies themulti-factor input for the account (e.g., the multi-factor input thatwas input by the user, as described above in connection with referencenumber 130), such as by transmitting a set of parameters correspondingto the multi-factor input, in a similar manner as described above inconnection with FIG. 1A. The information may indicate, for example, asequence of characters received by the ATM, a level of force with whichdifferent characters were input, a length of time over which differentcharacters were input, two or more characters that were inputconcurrently, a length of time over which the concurrent input wasreceived, and/or the like. In some implementations, the ATM may indicatethe level of force using a unit of measurement for force (e.g., Newtons,pounds per square inch (psi), atmospheres, and/or the like) or a mappingof the unit of measurement to a value indicative of a range of forces(e.g., hard, medium, soft, and/or the like). Similarly, the ATM mayindicate the length of time using a unit of measurement for time (e.g.,seconds, milliseconds, and/or the like) or a mapping of the unit ofmeasurement to a value indicative of a range of times (e.g., long,medium, short, and/or the like).

As shown by reference number 140, the validation device may determinewhether the multi-factor input is valid for the account (e.g., anaccount associated with a transaction card used to interact with the ATMand that corresponds to the multi-factor input). For example, thevalidation device may store information that identifies multi-factorinput that is valid for an account (e.g., as described above inconnection with FIG. 1A). The validation device may compare the storedinformation and the received information (e.g., by performing a lookup)to determine whether the multi-factor input being used to attempt accessto the account is valid. For example, if a received set of parameterscorresponding to the multi-factor input matches a stored set ofparameters for the account (and/or is within a tolerance level, such asa force tolerance, a time tolerance, and/or the like, which may beconfigurable by a user), then the validation device may determine thatthe multi-factor input is valid for the account. Otherwise, thevalidation device may determine that the multi-factor input is invalidfor the account.

As shown by reference number 145, the validation device may transmit, tothe ATM, an indication of whether the multi-factor input is valid forthe account based on the determination described above. As shown byreference number 150, the ATM may selectively permit or deny performanceof one or more actions associated with the account based on theindication. For example, the ATM may use the indication to determinewhether to permit or deny performance of one or more actions associatedwith the account. The one or more actions may include, for example,outputting account information associated with the account (e.g., anaccount number, an account balance, and/or the like), performing atransaction associated with the account, withdrawing money from theaccount, or depositing money to the account.

By using multi-factor input to validate account access, the ATM and/orthe validation device may increase the security of an account (and/orother secure information), may reduce fraud, and/or the like.

As indicated above, FIGS. 1A and 1B are provided as an example. Otherexamples are possible and may differ from what was described with regardto FIGS. 1A and 1B.

FIG. 2 is a diagram of an example environment 200 in which systemsand/or methods, described herein, may be implemented. As shown in FIG.2, environment 200 may include an ATM 205, which may include an inputcomponent 210, an output component 215, one or more processors 220, oneor more memories 225, and/or a communication interface 230. As furthershown, environment 200 may include one or more validation devices 235, auser device 240, a transaction card 245, and/or a network 250. Devicesand/or components of environment 200 may interconnect via wiredconnections, wireless connections, or a combination of wired andwireless connections.

ATM 205 includes one or more devices capable of performing various typesof financial transactions, such as a cash withdrawal, a money deposit(e.g., a check or cash deposit), a money transfer (e.g., a transfer fromone bank account to another bank account), access to information relatedto an account (e.g., a bank account, a checking account, a creditaccount, etc.), and/or the like. For example, ATM device 220 may includean ATM, an automated banking machine (ABM), a cash point, a Cashline®, aMinibank®, a cash machine, a Tyme® machine, a cash dispenser, aBankomat®, a Bancomat®, and/or a similar type of device. In someimplementations, ATM 205 may receive multi-factor input, and maydetermine whether to provide access to an account (e.g., to perform oneor more actions associated with the account) based on the multi-factorinput, as described elsewhere herein. While an ATM 205 is used as anexample, the techniques described herein may be performed to permit ordeny access using another type of device, such as a computer, a securitydoor, a turnstile, and/or the like.

Input component 210 includes one or more devices capable of being usedto provide multi-factor input to ATM 205. For example, input component210 may include one or more mechanical buttons, one or more electronicbuttons, one or more sensors, a keypad (e.g., a mechanical keypad, anelectronic keypad, and/or the like), a number pad (e.g., a mechanicalnumber pad, an electronic number pad, and/or the like), a PIN pad (e.g.,a mechanical PIN pad, an electronic PIN pad, and/or the like), a touchscreen, and/or the like. In some implementations, input component 210may include one or more mechanical buttons and one or more sensors todetect a mechanical force with which the one or more mechanical buttonsare pressed. In some implementations, input component 210 may includeone or more electronic buttons and one or more sensors to detect asurface area covered when the one or more electronic buttons arepressed. In this case, a larger surface area may indicate that theelectronic button is being pushed with more force, a smaller surfacearea may indicate that the electronic button is being pushed with lessforce, and/or the like. Additionally, or alternatively, input component210 may include one or more mechanical or electronic buttons and one ormore sensors to determine an amount of time that a mechanical orelectronic button, of the one or more mechanical or electronic buttons,is pressed.

Output component 215 includes one or more devices capable of being usedto output information from ATM 205. For example, output component 215may include a display, a speaker, an indicator light (e.g., alight-emitting diode and/or the like), a vibrating component, and/or thelike. In some implementations, output component 215 may output anindication that ATM 205 accepts multi-factor input. Additionally, oralternatively, output component 215 may output an indication of whetherthe multi-factor input is valid or invalid. Additionally, oralternatively, output component 215 may output information associatedwith an action to be performed in connection with an account.

Processor 220 includes one or more types of processing componentscapable of being programmed to perform a function, such as one or moreoperations described elsewhere herein. For example, processor 220 mayperform process 400 of FIG. 4, process 500 of FIG. 5, process 600 ofFIG. 6, and/or the like. In some implementations, processor 220 maycorrespond to processor 320, described in more detail below inconnection with FIG. 3.

Memory 225 includes one or more types of memories capable of storinginformation. In some implementations, memory 225 may store information(e.g., a set of parameters corresponding to multi-factor input and/orthe like) associated with performing one or more operations describedelsewhere herein. For example, memory 225 may store information to beused (e.g., by processor 220) to perform process 400 of FIG. 4, process500 of FIG. 5, process 600 of FIG. 6, and/or the like. In someimplementations, memory 225 may correspond to memory 330, described inmore detail below in connection with FIG. 3.

Communication interface 230 includes one or more types of communicationinterfaces that allow ATM 205 to communicate with other devices (e.g.,validation device 235, user devices 240, transaction card 245, and/orthe like), such as via a wired connection, a wireless connection, or acombination of wired and wireless connections. For example,communication interface 230 may be used to read information fromtransaction card 245, to transmit information to or receive informationfrom validation device 235 (e.g., information associated withmulti-factor input), and/or the like. In some implementations,communication interface 230 may correspond to communication interface370, described in more detail below in connection with FIG. 3.

Validation device 235 includes one or more devices capable of validatingmulti-factor input. For example, validation device 235 may include aserver, a cloud computing device, a transaction backend, or another typeof computing device. In some implementations, validation device 235 maystore a set of parameters associated with multi-factor input (e.g., foran account, for access, etc.), which may be configured and/or stored bycommunicating with ATM 205, user device 240, and/or the like.Additionally, or alternatively, validation device 235 may receive a setof parameters associated with multi-factor input, may compare thereceived parameter(s) to stored parameter(s), and may determine whetherto permit or deny access based on the comparison. In someimplementations, validation device 235 may transmit (e.g., to ATM 205)an indication of whether to permit or deny access based on thedetermination.

User device 240 includes one or more devices capable of receiving a setof parameters for configuring multi-factor input, as described elsewhereherein. For example, user device 240 may include a smart phone, a tabletcomputer, a laptop computer, a desktop computer, a wearable device,and/or the like.

Transaction card 245 includes a transaction card that can be used tocomplete a transaction and/or access account information. For example,transaction card 245 may include a credit card, a debit card, an ATMcard, a stored-value card, a fleet card, a transit card, an access card,a virtual card implemented on user device 240, and/or the like.Transaction card 245 may be capable of storing and/or communicating datafor a point-of-sale (PoS) transaction and/or an ATM transaction. Forexample, transaction card 245 may store and/or communicate data,including account information (e.g., an account identifier, a cardholderidentifier, etc.), expiration information of transaction card 245 (e.g.,information identifying an expiration month and/or year of transactioncard 245), banking information (e.g., a routing number of a bank, a bankidentifier, etc.), transaction information (e.g., a payment token),and/or the like. For example, to store and/or communicate the data,transaction card 245 may include a magnetic strip and/or an integratedcircuit (IC) chip (e.g., a EUROPAY®, MASTERCARD®, or VISA® (EMV) chip).Additionally, or alternatively, transaction card 245 may include anantenna to communicate data associated with transaction card 245. Theantenna may be a passive radio frequency (RF) antenna, an active RFantenna, and/or a battery-assisted RF antenna. In some implementations,transaction card 245 may be a smart transaction card, capable ofcommunicating wirelessly (e.g., via Bluetooth, Bluetooth Low Energy(BLE), near-field communication (NFC), and/or the like) with ATM 205.

Network 250 includes one or more wired and/or wireless networks. Forexample, network 250 may include a cellular network (e.g., a long-termevolution (LTE) network, a code division multiple access (CDMA) network,a 3G network, a 4G network, a 5G network, another type of nextgeneration network, etc.), a public land mobile network (PLMN), a localarea network (LAN), a wide area network (WAN), a metropolitan areanetwork (MAN), a telephone network (e.g., the Public Switched TelephoneNetwork (PSTN)), a private network, an ad hoc network, an intranet, theInternet, a fiber optic-based network, a cloud computing network, and/orthe like, and/or a combination of these or other types of networks.

The number and arrangement of devices and networks shown in FIG. 2 areprovided as an example. In practice, there may be additional devicesand/or networks, fewer devices and/or networks, different devices and/ornetworks, or differently arranged devices and/or networks than thoseshown in FIG. 2. Furthermore, two or more devices shown in FIG. 2 may beimplemented within a single device, or a single device shown in FIG. 2may be implemented as multiple, distributed devices. Additionally, oralternatively, a set of devices (e.g., one or more devices) ofenvironment 200 may perform one or more functions described as beingperformed by another set of devices of environment 200.

FIG. 3 is a diagram of example components of a device 300. Device 300may correspond to ATM 205, validation device 235, user device 240,and/or transaction card 245. In some implementations, ATM 205,validation device 235, user device 240, and/or transaction card 245 mayinclude one or more devices 300 and/or one or more components of device300. As shown in FIG. 3, device 300 may include a bus 310, a processor320, a memory 330, a storage component 340, an input component 350, anoutput component 360, and/or a communication interface 370.

Bus 310 includes a component that permits communication among thecomponents of device 300. Processor 320 is implemented in hardware,firmware, or a combination of hardware and software. Processor 320 is acentral processing unit (CPU), a graphics processing unit (GPU), anaccelerated processing unit (APU), a microprocessor, a microcontroller,a digital signal processor (DSP), a field-programmable gate array(FPGA), an application-specific integrated circuit (ASIC), or anothertype of processing component. In some implementations, processor 320includes one or more processors capable of being programmed to perform afunction. Memory 330 includes a random access memory (RAM), a read onlymemory (ROM), and/or another type of dynamic or static storage device(e.g., a flash memory, a magnetic memory, and/or an optical memory) thatstores information and/or instructions for use by processor 320.

Storage component 340 stores information and/or software related to theoperation and use of device 300. For example, storage component 340 mayinclude a hard disk (e.g., a magnetic disk, an optical disk, amagneto-optic disk, and/or a solid state disk), a compact disc (CD), adigital versatile disc (DVD), a floppy disk, a cartridge, a magnetictape, and/or another type of non-transitory computer-readable medium,along with a corresponding drive.

Input component 350 includes a component that permits device 300 toreceive information, such as via user input (e.g., a touch screendisplay, a keyboard, a keypad, a mouse, a button, a switch, and/or amicrophone). Additionally, or alternatively, input component 350 mayinclude a sensor for sensing information (e.g., a global positioningsystem (GPS) component, an accelerometer, a gyroscope, and/or anactuator). Output component 360 includes a component that providesoutput information from device 300 (e.g., a display, a speaker, and/orone or more light-emitting diodes (LEDs)).

Communication interface 370 includes a transceiver-like component (e.g.,a transceiver and/or a separate receiver and transmitter) that enablesdevice 300 to communicate with other devices, such as via a wiredconnection, a wireless connection, or a combination of wired andwireless connections. Communication interface 370 may permit device 300to receive information from another device and/or provide information toanother device. For example, communication interface 370 may include anEthernet interface, an optical interface, a coaxial interface, aninfrared interface, a radio frequency (RF) interface, a universal serialbus (USB) interface, a Wi-Fi interface, a cellular network interface, orthe like.

Device 300 may perform one or more processes described herein. Device300 may perform these processes based on processor 320 executingsoftware instructions stored by a non-transitory computer-readablemedium, such as memory 330 and/or storage component 340. Acomputer-readable medium is defined herein as a non-transitory memorydevice. A memory device includes memory space within a single physicalstorage device or memory space spread across multiple physical storagedevices.

Software instructions may be read into memory 330 and/or storagecomponent 340 from another computer-readable medium or from anotherdevice via communication interface 370. When executed, softwareinstructions stored in memory 330 and/or storage component 340 may causeprocessor 320 to perform one or more processes described herein.Additionally, or alternatively, hardwired circuitry may be used in placeof or in combination with software instructions to perform one or moreprocesses described herein. Thus, implementations described herein arenot limited to any specific combination of hardware circuitry andsoftware.

The number and arrangement of components shown in FIG. 3 are provided asan example. In practice, device 300 may include additional components,fewer components, different components, or differently arrangedcomponents than those shown in FIG. 3. Additionally, or alternatively, aset of components (e.g., one or more components) of device 300 mayperform one or more functions described as being performed by anotherset of components of device 300.

FIG. 4 is a flow chart of an example process 400 for configuringmulti-factor input. In some implementations, one or more process blocksof FIG. 4 may be performed by ATM 205 and/or user device 240. In someimplementations, one or more process blocks of FIG. 4 may be performedby another device or a group of devices separate from or including ATM205 and/or user device 240, such as validation device 235.

As shown in FIG. 4, process 400 may include receiving user input thatindicates a set of parameters for multi-factor input associated withvalidating access to an account (block 410). For example, ATM 205 and/oruser device 240 (e.g., using an input component and/or the like) mayreceive user input that indicates a set of parameters for multi-factorinput associated with validating access to an account, as describedabove in connection with FIGS. 1A-1B. In some implementations, the setof parameters includes at least two of: a sequence of characters to beused as the multi-factor input, a force with which at least onecharacter, of the sequence of characters, is to be input for themulti-factor input, a length of time over which at least one character,of the sequence of characters, is to be input for the multi-factorinput, or a combination of at least two characters, of the sequence ofcharacters, that are to be input concurrently for the multi-factorinput.

As further shown in FIG. 4, process 400 may include transmitting the setof parameters to a device associated with validating access to theaccount to permit the device to validate a subsequent attempt to accessthe account via an automated teller machine (block 420). For example,ATM 205 and/or user device 240 (e.g., using a communication interfaceand/or the like) may transmit the set of parameters to a device (e.g.,validation device 235) associated with validating access to the accountto permit the device (e.g., validation device 235) to validate asubsequent attempt to access the account via an ATM 205, as describedabove in connection with FIGS. 1A-1B.

Process 400 may include additional implementations, such as any singleimplementation or any combination of implementations described inconnection with FIG. 5 and/or FIG. 6.

Although FIG. 4 shows example blocks of process 400, in someimplementations, process 400 may include additional blocks, fewerblocks, different blocks, or differently arranged blocks than thosedepicted in FIG. 4. Additionally, or alternatively, two or more of theblocks of process 400 may be performed in parallel.

FIG. 5 is a flow chart of an example process 500 for configuringmulti-factor input. In some implementations, one or more process blocksof FIG. 5 may be performed by ATM 205. In some implementations, one ormore process blocks of FIG. 5 may be performed by another device or agroup of devices separate from or including ATM 205, such as validationdevice 235, user device 240, and/or transaction card 245.

As shown in FIG. 5, process 500 may include receiving multi-factor inputassociated with validating access to an account via an ATM (block 510).For example, ATM 205 (e.g., using an input component and/or the like)may receive multi-factor input associated with validating access to anaccount, as described above in connection with FIGS. 1A-1B. In someimplementations, the multi-factor input includes at least two of: asequence of characters, a level of force with which at least onecharacter, of the sequence of characters, is input, a length of timeover which at least one character, of the sequence of characters, isinput, or a combination of at least two characters, of the sequence ofcharacters, that are input concurrently.

As further shown in FIG. 5, process 500 may include determining whetherthe multi-factor input is valid for the account (block 520). Forexample, ATM 205 (e.g., using a processor, a communication interface,and/or the like) may determine whether the multi-factor input is validfor the account, as described above in connection with FIGS. 1A-1B.

As further shown in FIG. 5, process 500 may include selectivelypermitting or denying performance of one or more actions associated withthe account based on determining whether the multi-factor input is validfor the account (block 530). For example, ATM 205 (e.g., using aprocessor and/or the like) may selectively permit or deny performance ofone or more actions associated with the account based on determiningwhether the multi-factor input is valid for the account, as describedabove in connection with FIGS. 1A-1B.

Process 500 may include additional implementations, such as any singleimplementation or any combination of implementations described belowand/or described in connection with FIG. 4 and/or FIG. 6.

In some implementations, the multi-factor input includes the sequence ofcharacters and the level of force with which at least one character, ofthe sequence of characters, is input. In some implementations, themulti-factor input includes the sequence of characters and the length oftime over which at least one character, of the sequence of characters,is input. In some implementations, the multi-factor input includes: thesequence of characters, the level of force with which at least onecharacter, of the sequence of characters, is input, and the length oftime over which at least one character, of the sequence of characters,is input.

In some implementations, each character, included in the sequence ofcharacters, is associated with a corresponding level of force with whichthat character is input. In some implementations, each character,included in the sequence of characters, is associated with acorresponding length of time over which that character is input. In someimplementations, the level of force is within a range of force. In someimplementations, the length of time is within a range of time. In someimplementations, the one or more actions include at least one of:outputting account information associated with the account, performing atransaction associated with the account, withdrawing money from theaccount, or depositing money to the account.

In some implementations, ATM 205 receives the multi-factor input via aninput component. In some implementations, the input component includesone or more mechanical buttons and one or more sensors to detect amechanical force with which the one or more mechanical buttons arepressed. In some implementations, the input component includes one ormore electronic buttons and one or more sensors to detect a surface areacovered when the one or more electronic buttons are pressed. In someimplementations, the input component includes one or more mechanical orelectronic buttons and one or more sensors to determine an amount oftime that a mechanical or electronic button, of the one or moremechanical or electronic buttons, is pressed. In some implementations,the input component includes a mechanical keypad or a mechanical numberpad. In some implementations, the input component includes a touchscreen. In some implementations, ATM 205 includes an output componentconfigured to output an indication that the input component acceptsmulti-factor input.

Although FIG. 5 shows example blocks of process 500, in someimplementations, process 500 may include additional blocks, fewerblocks, different blocks, or differently arranged blocks than thosedepicted in FIG. 5. Additionally, or alternatively, two or more of theblocks of process 500 may be performed in parallel.

FIG. 6 is a flow chart of an example process 600 for validatingmulti-factor input. In some implementations, one or more process blocksof FIG. 6 may be performed by validation device 235. In someimplementations, one or more process blocks of FIG. 6 may be performedby another device or a group of devices separate from or includingvalidation device 235, such as ATM 205.

As shown in FIG. 6, process 600 may include receiving, from an ATM,information that identifies multi-factor input associated with anaccount (block 610). For example, validation device 235 (e.g., using aprocessor, a communication interface, and/or the like) may receiveinformation that identifies multi-factor input associated with anaccount, as described above in connection with FIGS. 1A-1B. In someimplementations, validation device 235 may receive the information froman ATM 205.

As further shown in FIG. 6, process 600 may include determining whetherthe multi-factor input is valid for the account (block 620). Forexample, validation device 235 (e.g., using a memory, a processor,and/or the like) may determine whether the multi-factor input is validfor the account, as described above in connection with FIGS. 1A-1B.

As further shown in FIG. 6, process 600 may include transmitting, to theATM, an indication of whether to permit or deny access to one or moreactions associated with the account based on determining whether themulti-factor input is valid for the account (block 630). For example,validation device 235 (e.g., using a processor, a communicationinterface, and/or the like) may transmit an indication of whether topermit or deny access to one or more actions associated with the accountbased on determining whether the multi-factor input is valid for theaccount, as described above in connection with FIGS. 1A-1B. In someimplementations, validation device 235 may transmit the indication to anATM 205 from which the information that identifies the multi-factorinput was received.

Process 600 may include additional implementations, such as any singleimplementation or any combination of implementations described inconnection with FIG. 4 and/or FIG. 5.

Although FIG. 6 shows example blocks of process 600, in someimplementations, process 600 may include additional blocks, fewerblocks, different blocks, or differently arranged blocks than thosedepicted in FIG. 6. Additionally, or alternatively, two or more of theblocks of process 600 may be performed in parallel.

By using a multi-factor input, such as a multi-factor PIN, techniquesand apparatuses described herein may increase the security of accountsand/or other secure information, may reduce fraud, and/or the like.

The foregoing disclosure provides illustration and description, but isnot intended to be exhaustive or to limit the implementations to theprecise form disclosed. Modifications and variations are possible inlight of the above disclosure or may be acquired from practice of theimplementations.

As used herein, the term component is intended to be broadly construedas hardware, firmware, or a combination of hardware and software.

Some implementations are described herein in connection with thresholds.As used herein, satisfying a threshold may refer to a value beinggreater than the threshold, more than the threshold, higher than thethreshold, greater than or equal to the threshold, less than thethreshold, fewer than the threshold, lower than the threshold, less thanor equal to the threshold, equal to the threshold, or the like.

Certain user interfaces have been described herein and/or shown in thefigures. A user interface may include a graphical user interface, anon-graphical user interface, a text-based user interface, or the like.A user interface may provide information for display. In someimplementations, a user may interact with the information, such as byproviding input via an input component of a device that provides theuser interface for display. In some implementations, a user interfacemay be configurable by a device and/or a user (e.g., a user may changethe size of the user interface, information provided via the userinterface, a position of information provided via the user interface,etc.). Additionally, or alternatively, a user interface may bepre-configured to a standard configuration, a specific configurationbased on a type of device on which the user interface is displayed,and/or a set of configurations based on capabilities and/orspecifications associated with a device on which the user interface isdisplayed.

It will be apparent that systems and/or methods, described herein, maybe implemented in different forms of hardware, firmware, or acombination of hardware and software. The actual specialized controlhardware or software code used to implement these systems and/or methodsis not limiting of the implementations. Thus, the operation and behaviorof the systems and/or methods were described herein without reference tospecific software code—it being understood that software and hardwarecan be designed to implement the systems and/or methods based on thedescription herein.

Even though particular combinations of features are recited in theclaims and/or disclosed in the specification, these combinations are notintended to limit the disclosure of possible implementations. In fact,many of these features may be combined in ways not specifically recitedin the claims and/or disclosed in the specification. Although eachdependent claim listed below may directly depend on only one claim, thedisclosure of possible implementations includes each dependent claim incombination with every other claim in the claim set.

No element, act, or instruction used herein should be construed ascritical or essential unless explicitly described as such. Also, as usedherein, the articles “a” and “an” are intended to include one or moreitems, and may be used interchangeably with “one or more.” Furthermore,as used herein, the term “set” is intended to include one or more items(e.g., related items, unrelated items, a combination of related andunrelated items, etc.), and may be used interchangeably with “one ormore.” Where only one item is intended, the term “one” or similarlanguage is used. Also, as used herein, the terms “has,” “have,”“having,” or the like are intended to be open-ended terms. Further, thephrase “based on” is intended to mean “based, at least in part, on”unless explicitly stated otherwise.

What is claimed is:
 1. An automated teller machine (ATM), comprising: aninput component configured to detect multi-factor input associated withan account, the multi-factor input comprising at least two of: asequence of characters input via the input component, a force with whichat least one character, of the sequence of characters, is input via theinput component, a length of time over which at least one character, ofthe sequence of characters, is input via the input component, or acombination of at least two characters, of the sequence of characters,that are input concurrently via the input component; and one or moreprocessors configured to: provide a user interface to create themulti-factor input associated with the account, the user interfaceallowing a user to identify values for the multi-factor input; andcreate the multi-factor input based upon input from the user.
 2. The ATMof claim 1, where the user receives a temporary personal identificationnumber (PIN) associated with the account, the temporary PIN being inputprior to creating the multi-factor input.
 3. The ATM of claim 1, wherethe one or more processors are further to: receive the multi-factorinput; validate the multi-factor input in association with the account;and selectively permit or deny access to one or more actions associatedwith the account based on validating the multi-factor input.
 4. The ATMof claim 1, where the user provides additional input to indicate thatthe user has finished creating the multi-factor input.
 5. The ATM ofclaim 1, further comprising: an output component configured to output anindication that the input component accepts multi-factor input.
 6. TheATM of claim 1, where the input component includes one or moremechanical or electronic buttons and one or more sensors to determine anamount of time that a mechanical or electronic button, of the one ormore mechanical or electronic buttons, is pressed.
 7. The ATM of claim1, where the input component includes one or more electronic buttons andone or more sensors to detect a surface area covered when the one ormore electronic buttons are pressed.
 8. A method, comprising: receiving,by a device, a temporary personal identification number (PIN) associatedwith an account, the temporary PIN being received based upon a userinteracting with an input component of an automated teller machine(ATM); providing, by the device, a user interface for creating amulti-factor input associated with validating access to the account, themulti-factor input comprising at least two of: a sequence of charactersinput via the input component, a force with which at least onecharacter, of the sequence of characters, is input via the inputcomponent, a length of time over which at least one character, of thesequence of characters, is input via the input component, or acombination of at least two characters, of the sequence of characters,that are input concurrently via the input component; and creating, bythe device, the multi-factor input based upon input from the user. 9.The method of claim 8, further comprising: receiving the multi-factorinput associated with validating access to the account, determiningwhether the multi-factor input is valid for the account; and selectivelypermitting or denying performance of one or more actions associated withthe account based on determining whether the multi-factor input is validfor the account.
 10. The method of claim 9, where the one or moreactions include at least one of: outputting account informationassociated with the account, performing a transaction associated withthe account, withdrawing money from the account, or depositing money tothe account.
 11. The method of claim 8, where the user providesadditional input to indicate that the user has finished creating themulti-factor input.
 12. The method of claim 8, where the multi-factorinput includes: the sequence of characters, a level of force with whichat least one character, of the sequence of characters, is input, and thelength of time over which at least one character, of the sequence ofcharacters, is input.
 13. The method of claim 8, where each character,included in the sequence of characters, is associated with acorresponding level of force with which that character is input.
 14. Themethod of claim 8, where each character, included in the sequence ofcharacters, is associated with a corresponding length of time over whichthat character is input.
 15. A user device, comprising: one or morememories; and one or more processors, communicatively coupled to the oneor more memories, configured to: receive a temporary personalidentification number (PIN) associated with an account, the temporaryPIN being received based upon a user interacting with an input componentof an automated teller machine (ATM); provide a user interface forcreating input associated with access validation of the account, theinput including at least two of: a sequence of characters, a level offorce with which at least one character, of the sequence of characters,is input, a length of time over which at least one character, of thesequence of characters, is input, or a combination of at least twocharacters, of the sequence of characters, that are input concurrently,and the user interface allowing the user to identify values for theinput; and create the input based upon the user identifying values forthe input.
 16. The user device of claim 15, where the one or moreprocessors are further to: receive the input associated with the accessvalidation; determine whether the input is valid; and selectively permitor deny access based on determining whether the input is valid.
 17. Theuser device of claim 15, where the input includes: the sequence ofcharacters, the level of force with which at least one character, of thesequence of characters, is input, and the length of time over which atleast one character, of the sequence of characters, is input.
 18. Theuser device of claim 15, where the one or more processors, whenselectively permitting or denying access, are configured to: selectivelypermit or deny access to one or more actions associated with theaccount, wherein the one or more actions include at least one of:outputting account information associated with the account, performing atransaction associated with the account, withdrawing money from theaccount, or depositing money to the account.
 19. The user device ofclaim 15, where the input includes the sequence of characters and thelevel of force with which at least one character, of the sequence ofcharacters, is input.
 20. The user device of claim 15, where the inputincludes the sequence of characters and the length of time over which atleast one character, of the sequence of characters, is input.